Generate jwt tokens Implement git-lfs-authenticate to generate tokens through ssh Authenticate user using HTTP
1 parent
60c503d
commit 5ceacaf
Showing
44 changed files
with
1,392 additions
and
236 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package access | ||
|
||
import "context" | ||
|
||
// ContextKey is the context key for the access level. | ||
var ContextKey = &struct{ string }{"access"} | ||
|
||
// FromContext returns the access level from the context. | ||
func FromContext(ctx context.Context) AccessLevel { | ||
if ac, ok := ctx.Value(ContextKey).(AccessLevel); ok { | ||
return ac | ||
} | ||
|
||
return -1 | ||
} | ||
|
||
// WithContext returns a new context with the access level. | ||
func WithContext(ctx context.Context, ac AccessLevel) context.Context { | ||
return context.WithValue(ctx, ContextKey, ac) | ||
} |
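Review bot: `FromContext` reports "no access level stored" with a bare `-1`, so whether a request without one is denied depends on every caller ordering or comparing that magic value correctly. The `AccessLevel` constants are not in this section, so I cannot confirm `-1` sorts below the lowest defined level; at minimum the doc comment should say so, e.g. `// FromContext returns the access level stored in ctx, or -1 when none is set; callers must treat -1 as no access.` `ContextKey` is also an exported, reassignable `var`, which lets any importing package replace the key or store its own value under it; an unexported key type would leave `WithContext` as the only writer.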
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package backend | ||
|
||
import ( | ||
"crypto/rand" | ||
"encoding/hex" | ||
|
||
"github.com/charmbracelet/log" | ||
"golang.org/x/crypto/bcrypt" | ||
) | ||
|
||
const saltySalt = "salty-soft-serve" | ||
|
||
// HashPassword hashes the password using bcrypt. | ||
func HashPassword(password string) (string, error) { | ||
crypt, err := bcrypt.GenerateFromPassword([]byte(password+saltySalt), bcrypt.DefaultCost) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
return string(crypt), nil | ||
} | ||
|
||
// VerifyPassword verifies the password against the hash. | ||
func VerifyPassword(password, hash string) bool { | ||
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password+saltySalt)) | ||
return err == nil | ||
} | ||
|
||
// GenerateAccessToken returns a random unique token. | ||
func GenerateAccessToken() string { | ||
buf := make([]byte, 20) | ||
if _, err := rand.Read(buf); err != nil { | ||
log.Error("unable to generate access token") | ||
return "" | ||
} | ||
|
||
return "ss_" + hex.EncodeToString(buf) | ||
} |
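Review bot: `GenerateAccessToken` returns the empty string when `rand.Read` fails, so a caller that does not test for `""` could persist or compare against an empty credential, and the underlying error is dropped from the log line. Returning the error, `func GenerateAccessToken() (string, error)` with `return "", fmt.Errorf("generate access token: %w", err)`, makes the failure impossible to ignore. Separately, in `HashPassword` and `VerifyPassword` the constant `saltySalt` adds little: bcrypt already salts each hash, the value is public in source, and because bcrypt only considers the first 72 bytes of input the 16-byte suffix reduces the effective password length to 56 bytes (newer golang.org/x/crypto releases reject longer inputs with `ErrPasswordTooLong`). If the suffix stays, a comment should state that it is a fixed suffix rather than a secret and that changing it invalidates every stored hash.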
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
package config | ||
|
||
import "github.com/charmbracelet/keygen" | ||
|
||
// KeyPair returns the server's SSH key pair. | ||
func (c SSHConfig) KeyPair() (*keygen.SSHKeyPair, error) { | ||
return keygen.New(c.KeyPath, keygen.WithKeyType(keygen.Ed25519)) | ||
} |
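Review bot: `KeyPair` calls `keygen.New` on every invocation and its comment does not say what happens when no key exists at `c.KeyPath`. If keygen falls back to generating a fresh in-memory key in that case (worth confirming for the keygen version pinned in go.mod), anything signed with this pair would use a key that differs between calls and does not survive a restart. The doc comment should state the behaviour, for example `// KeyPair loads the server's Ed25519 SSH key pair from c.KeyPath on each call.`, and callers that sign tokens would do better to load the pair once at startup and fail if the file is missing.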
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
package migrate | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/charmbracelet/soft-serve/server/db" | ||
) | ||
|
||
const ( | ||
passwordTokensName = "password tokens" | ||
passwordTokensVersion = 3 | ||
) | ||
|
||
var passwordTokens = Migration{ | ||
Version: passwordTokensVersion, | ||
Name: passwordTokensName, | ||
Migrate: func(ctx context.Context, tx *db.Tx) error { | ||
return migrateUp(ctx, tx, passwordTokensVersion, passwordTokensName) | ||
}, | ||
Rollback: func(ctx context.Context, tx *db.Tx) error { | ||
return migrateDown(ctx, tx, passwordTokensVersion, passwordTokensName) | ||
}, | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
DROP TABLE IF EXISTS access_tokens; | ||
|
||
ALTER TABLE users DROP COLUMN password; | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
ALTER TABLE users ADD COLUMN password TEXT; | ||
|
||
CREATE TABLE IF NOT EXISTS access_tokens ( | ||
id SERIAL PRIMARY KEY, | ||
name text NOT NULL, | ||
token TEXT NOT NULL UNIQUE, | ||
user_id INTEGER NOT NULL, | ||
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||
updated_at TIMESTAMP NOT NULL, | ||
CONSTRAINT user_id_fk | ||
FOREIGN KEY (user_id) REFERENCES users(id) | ||
ON DELETE CASCADE | ||
ON UPDATE CASCADE | ||
); |
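Review bot: `access_tokens` has no expiry column, so a token created here stays valid until its row is deleted; an optional `expires_at TIMESTAMP` checked at authentication time would bound the lifetime of a leaked token. The `token TEXT NOT NULL UNIQUE` column also suggests the bearer value is stored as issued (the insert code is not in this section, so this is an inference), in which case read access to the database or a backup yields working credentials; storing only a digest of the token avoids that. `updated_at` is `NOT NULL` without a default, unlike `created_at`, so every insert must supply it. The same points apply to the SQLite version of this migration further down the page.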
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
DROP TABLE IF EXISTS access_tokens; | ||
|
||
ALTER TABLE users RENAME TO users_old; | ||
|
||
CREATE TABLE IF NOT EXISTS users ( | ||
id INTEGER PRIMARY KEY AUTOINCREMENT, | ||
username TEXT NOT NULL UNIQUE, | ||
admin BOOLEAN NOT NULL, | ||
created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||
updated_at DATETIME NOT NULL | ||
); | ||
|
||
INSERT INTO users (username, admin, created_at, updated_at) | ||
SELECT username, admin, created_at, updated_at FROM users_old; |
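Review bot: The `INSERT … SELECT` that repopulates `users` omits `id`, so rows are renumbered by `AUTOINCREMENT` and, whenever the old ids had gaps, any table referencing `users(id)` can end up pointing at a different account after a rollback. Copying the key keeps ownership intact: `INSERT INTO users (id, username, admin, created_at, updated_at) SELECT id, username, admin, created_at, updated_at FROM users_old;`. `users_old` is also never dropped, which leaves the `password` column and its hashes on disk and makes a second rollback fail at the `RENAME`; a trailing `DROP TABLE users_old;` would finish the job. Which other tables reference `users(id)` is not visible here, so it is worth checking how SQLite rewrites their foreign keys when `users` is renamed.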
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
ALTER TABLE users ADD COLUMN password TEXT; | ||
|
||
CREATE TABLE IF NOT EXISTS access_tokens ( | ||
id INTEGER primary key autoincrement, | ||
token text NOT NULL UNIQUE, | ||
name text NOT NULL, | ||
user_id INTEGER NOT NULL, | ||
created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP, | ||
updated_at DATETIME NOT NULL, | ||
CONSTRAINT user_id_fk | ||
FOREIGN KEY (user_id) REFERENCES users(id) | ||
ON DELETE CASCADE | ||
ON UPDATE CASCADE | ||
); |